ID CVE-2011-3192
Summary The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
Vulnerable Configurations
  • Apache Software Foundation Apache HTTP Server 1.3
    cpe:2.3:a:apache:http_server:1.3
  • Apache Software Foundation Apache HTTP Server 1.3.0
    cpe:2.3:a:apache:http_server:1.3.0
  • Apache Software Foundation Apache HTTP Server 1.3.1
    cpe:2.3:a:apache:http_server:1.3.1
  • Apache Software Foundation Apache HTTP Server 1.3.1.1
    cpe:2.3:a:apache:http_server:1.3.1.1
  • Apache Software Foundation Apache HTTP Server 1.3.2
    cpe:2.3:a:apache:http_server:1.3.2
  • Apache Software Foundation Apache HTTP Server 1.3.3
    cpe:2.3:a:apache:http_server:1.3.3
  • Apache Software Foundation Apache HTTP Server 1.3.4
    cpe:2.3:a:apache:http_server:1.3.4
  • Apache Software Foundation Apache HTTP Server 1.3.5
    cpe:2.3:a:apache:http_server:1.3.5
  • Apache Software Foundation Apache HTTP Server 1.3.6
    cpe:2.3:a:apache:http_server:1.3.6
  • Apache Software Foundation Apache HTTP Server 1.3.7
    cpe:2.3:a:apache:http_server:1.3.7
  • Apache Software Foundation Apache HTTP Server 1.3.8
    cpe:2.3:a:apache:http_server:1.3.8
  • Apache Software Foundation Apache HTTP Server 1.3.9
    cpe:2.3:a:apache:http_server:1.3.9
  • Apache Software Foundation Apache 1.3.10
    cpe:2.3:a:apache:http_server:1.3.10
  • Apache Software Foundation Apache HTTP Server 1.3.11
    cpe:2.3:a:apache:http_server:1.3.11
  • Apache Software Foundation Apache HTTP Server 1.3.12
    cpe:2.3:a:apache:http_server:1.3.12
  • Apache Software Foundation Apache 1.3.13
    cpe:2.3:a:apache:http_server:1.3.13
  • Apache Software Foundation Apache HTTP Server 1.3.14
    cpe:2.3:a:apache:http_server:1.3.14
  • Apache Software Foundation Apache 1.3.15
    cpe:2.3:a:apache:http_server:1.3.15
  • Apache Software Foundation Apache 1.3.16
    cpe:2.3:a:apache:http_server:1.3.16
  • Apache Software Foundation Apache HTTP Server 1.3.17
    cpe:2.3:a:apache:http_server:1.3.17
  • Apache Software Foundation Apache HTTP Server 1.3.18
    cpe:2.3:a:apache:http_server:1.3.18
  • Apache Software Foundation Apache HTTP Server 1.3.19
    cpe:2.3:a:apache:http_server:1.3.19
  • Apache Software Foundation Apache HTTP Server 1.3.20
    cpe:2.3:a:apache:http_server:1.3.20
  • Apache Software Foundation Apache HTTP Server 1.3.22
    cpe:2.3:a:apache:http_server:1.3.22
  • Apache Software Foundation Apache HTTP Server 1.3.23
    cpe:2.3:a:apache:http_server:1.3.23
  • Apache Software Foundation Apache HTTP Server 1.3.24
    cpe:2.3:a:apache:http_server:1.3.24
  • Apache Software Foundation Apache HTTP Server 1.3.25
    cpe:2.3:a:apache:http_server:1.3.25
  • Apache Software Foundation Apache HTTP Server 1.3.26
    cpe:2.3:a:apache:http_server:1.3.26
  • Apache Software Foundation Apache HTTP Server 1.3.27
    cpe:2.3:a:apache:http_server:1.3.27
  • Apache Software Foundation Apache HTTP Server 1.3.28
    cpe:2.3:a:apache:http_server:1.3.28
  • Apache Software Foundation Apache HTTP Server 1.3.29
    cpe:2.3:a:apache:http_server:1.3.29
  • Apache Software Foundation Apache HTTP Server 1.3.30
    cpe:2.3:a:apache:http_server:1.3.30
  • Apache Software Foundation Apache HTTP Server 1.3.31
    cpe:2.3:a:apache:http_server:1.3.31
  • Apache Software Foundation Apache HTTP Server 1.3.32
    cpe:2.3:a:apache:http_server:1.3.32
  • Apache Software Foundation Apache HTTP Server 1.3.33
    cpe:2.3:a:apache:http_server:1.3.33
  • Apache Software Foundation Apache HTTP Server 1.3.34
    cpe:2.3:a:apache:http_server:1.3.34
  • Apache Software Foundation Apache HTTP Server 1.3.35
    cpe:2.3:a:apache:http_server:1.3.35
  • Apache Software Foundation Apache HTTP Server 1.3.36
    cpe:2.3:a:apache:http_server:1.3.36
  • Apache Software Foundation Apache HTTP Server 1.3.37
    cpe:2.3:a:apache:http_server:1.3.37
  • Apache Software Foundation Apache HTTP Server 1.3.38
    cpe:2.3:a:apache:http_server:1.3.38
  • Apache Software Foundation Apache HTTP Server 1.3.39
    cpe:2.3:a:apache:http_server:1.3.39
  • Apache Software Foundation Apache HTTP Server 1.3.41
    cpe:2.3:a:apache:http_server:1.3.41
  • Apache Software Foundation Apache HTTP Server 1.3.42
    cpe:2.3:a:apache:http_server:1.3.42
  • Apache Software Foundation Apache HTTP Server 1.3.65
    cpe:2.3:a:apache:http_server:1.3.65
  • Apache Software Foundation Apache HTTP Server 1.3.68
    cpe:2.3:a:apache:http_server:1.3.68
  • Apache Software Foundation Apache HTTP Server 2.0
    cpe:2.3:a:apache:http_server:2.0
  • Apache Software Foundation Apache HTTP Server 2.0.9a
    cpe:2.3:a:apache:http_server:2.0.9
  • Apache Software Foundation Apache HTTP Server 2.0.28
    cpe:2.3:a:apache:http_server:2.0.28
  • Apache Software Foundation Apache HTTP Server 2.0.28 Beta
    cpe:2.3:a:apache:http_server:2.0.28:beta
  • Apache Software Foundation Apache HTTP Server 2.0.32
    cpe:2.3:a:apache:http_server:2.0.32
  • Apache Software Foundation Apache HTTP Server 2.0.32 Beta
    cpe:2.3:a:apache:http_server:2.0.32:beta
  • Apache Software Foundation Apache HTTP Server 2.0.34 Beta
    cpe:2.3:a:apache:http_server:2.0.34:beta
  • Apache Software Foundation Apache HTTP Server 2.0.35
    cpe:2.3:a:apache:http_server:2.0.35
  • Apache Software Foundation Apache HTTP Server 2.0.36
    cpe:2.3:a:apache:http_server:2.0.36
  • Apache Software Foundation Apache HTTP Server 2.0.37
    cpe:2.3:a:apache:http_server:2.0.37
  • Apache Software Foundation Apache HTTP Server 2.0.38
    cpe:2.3:a:apache:http_server:2.0.38
  • Apache Software Foundation Apache HTTP Server 2.0.39
    cpe:2.3:a:apache:http_server:2.0.39
  • Apache Software Foundation Apache HTTP Server 2.0.40
    cpe:2.3:a:apache:http_server:2.0.40
  • Apache Software Foundation Apache HTTP Server 2.0.41
    cpe:2.3:a:apache:http_server:2.0.41
  • Apache Software Foundation Apache HTTP Server 2.0.42
    cpe:2.3:a:apache:http_server:2.0.42
  • Apache Software Foundation Apache HTTP Server 2.0.43
    cpe:2.3:a:apache:http_server:2.0.43
  • Apache Software Foundation Apache HTTP Server 2.0.44
    cpe:2.3:a:apache:http_server:2.0.44
  • Apache Software Foundation Apache HTTP Server 2.0.45
    cpe:2.3:a:apache:http_server:2.0.45
  • Apache Software Foundation Apache HTTP Server 2.0.46
    cpe:2.3:a:apache:http_server:2.0.46
  • Apache Software Foundation Apache HTTP Server 2.0.47
    cpe:2.3:a:apache:http_server:2.0.47
  • Apache Software Foundation Apache HTTP Server 2.0.48
    cpe:2.3:a:apache:http_server:2.0.48
  • Apache Software Foundation Apache HTTP Server 2.0.49
    cpe:2.3:a:apache:http_server:2.0.49
  • Apache Software Foundation Apache HTTP Server 2.0.50
    cpe:2.3:a:apache:http_server:2.0.50
  • Apache Software Foundation Apache HTTP Server 2.0.51
    cpe:2.3:a:apache:http_server:2.0.51
  • Apache Software Foundation Apache HTTP Server 2.0.52
    cpe:2.3:a:apache:http_server:2.0.52
  • Apache Software Foundation Apache HTTP Server 2.0.53
    cpe:2.3:a:apache:http_server:2.0.53
  • Apache Software Foundation Apache HTTP Server 2.0.54
    cpe:2.3:a:apache:http_server:2.0.54
  • Apache Software Foundation Apache HTTP Server 2.0.55
    cpe:2.3:a:apache:http_server:2.0.55
  • Apache Software Foundation Apache HTTP Server 2.0.56
    cpe:2.3:a:apache:http_server:2.0.56
  • Apache Software Foundation Apache HTTP Server 2.0.57
    cpe:2.3:a:apache:http_server:2.0.57
  • Apache Software Foundation Apache HTTP Server 2.0.58
    cpe:2.3:a:apache:http_server:2.0.58
  • Apache Software Foundation HTTP Server 2.0.59
    cpe:2.3:a:apache:http_server:2.0.59
  • Apache Software Foundation Apache HTTP Server 2.0.60 dev
    cpe:2.3:a:apache:http_server:2.0.60
  • Apache Software Foundation HTTP Server 2.0.61
    cpe:2.3:a:apache:http_server:2.0.61
  • Apache Software Foundation Apache HTTP Server 2.0.63
    cpe:2.3:a:apache:http_server:2.0.63
  • Apache Software Foundation Apache HTTP Server 2.0.64
    cpe:2.3:a:apache:http_server:2.0.64
  • Apache Software Foundation Apache HTTP Server 2.2.0
    cpe:2.3:a:apache:http_server:2.2.0
  • Apache Software Foundation Apache HTTP Server 2.2.1
    cpe:2.3:a:apache:http_server:2.2.1
  • Apache Software Foundation Apache HTTP Server 2.2.2
    cpe:2.3:a:apache:http_server:2.2.2
  • Apache Software Foundation Apache HTTP Server 2.2.3
    cpe:2.3:a:apache:http_server:2.2.3
  • Apache Software Foundation Apache HTTP Server 2.2.4
    cpe:2.3:a:apache:http_server:2.2.4
  • Apache Software Foundation Apache HTTP Server 2.2.6
    cpe:2.3:a:apache:http_server:2.2.6
  • Apache Software Foundation Apache HTTP Server 2.2.8
    cpe:2.3:a:apache:http_server:2.2.8
  • Apache Software Foundation Apache HTTP Server 2.2.9
    cpe:2.3:a:apache:http_server:2.2.9
  • Apache Software Foundation Apache HTTP Server 2.2.10
    cpe:2.3:a:apache:http_server:2.2.10
  • Apache Software Foundation Apache HTTP Server 2.2.11
    cpe:2.3:a:apache:http_server:2.2.11
  • Apache Software Foundation Apache HTTP Server 2.2.12
    cpe:2.3:a:apache:http_server:2.2.12
  • Apache Software Foundation Apache HTTP Server 2.2.13
    cpe:2.3:a:apache:http_server:2.2.13
  • Apache Software Foundation Apache HTTP Server 2.2.14
    cpe:2.3:a:apache:http_server:2.2.14
  • Apache Software Foundation Apache HTTP Server 2.2.15
    cpe:2.3:a:apache:http_server:2.2.15
  • Apache Software Foundation Apache HTTP Server 2.2.16
    cpe:2.3:a:apache:http_server:2.2.16
  • Apache Software Foundation Apache HTTP Server 2.2.18
    cpe:2.3:a:apache:http_server:2.2.18
  • Apache Software Foundation Apache HTTP Server 2.2.19
    cpe:2.3:a:apache:http_server:2.2.19
CVSS
Base: 7.8 (as of 30-08-2011 - 08:57)
CWE CWE-399
Access
    Vector NETWORK
    Complexity LOW
    Authentication NONE
Impact
    Confidentiality NONE
    Integrity NONE
    Availability COMPLETE
exploit-db via4
  • description Apache httpd Remote Denial of Service (memory exhaustion). CVE-2011-3192,CVE-2014-5329. Dos exploits for multiple platform
    file exploits/multiple/dos/17696.pl
    id EDB-ID:17696
    last seen 2016-02-02
    modified 2011-08-19
    platform multiple
    published 2011-08-19
    reporter kingcope
    source https://www.exploit-db.com/download/17696/
    title Apache httpd Remote Denial of Service memory exhaustion
    type dos
  • description Apache HTTP Server Denial of Service. CVE-2011-3192,CVE-2014-5329. Dos exploit for linux platform
    id EDB-ID:18221
    last seen 2016-02-02
    modified 2011-12-09
    published 2011-12-09
    reporter Ramon de C Valle
    source https://www.exploit-db.com/download/18221/
    title Apache HTTP Server Denial of Service
metasploit via4
  • description The byterange filter in the Apache HTTP Server 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, exploit called "Apache Killer"
    id MSF:AUXILIARY/DOS/HTTP/APACHE_RANGE_DOS
    last seen 2018-09-05
    modified 2017-07-24
    published 2011-09-23
    reliability Normal
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/apache_range_dos.rb
    title Apache Range Header DoS (Apache Killer)
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_7_2.NASL
    description The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreMedia - CoreProcesses - CoreStorage - File Systems - iChat Server - Kernel - libsecurity - Open Directory - PHP - python - QuickTime - SMB File Server - X11
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 56480
    published 2011-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56480
    title Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-130.NASL
    description Multiple vulnerabilities have been discovered and corrected in apache : The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086 (CVE-2011-3192). The updated packages have been patched to correct this issue.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 56084
    published 2011-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56084
    title Mandriva Linux Security Advisory : apache (MDVSA-2011:130-1)
  • NASL family Misc.
    NASL id JUNIPER_NSM_JSA10642.NASL
    description The remote host has one or more instances of NSM (Network and Security Manager) Server running, with version(s) prior to 2012.2R9. It is, therefore, affected by multiple vulnerabilities related to its Java and Apache installations.
    last seen 2019-01-16
    modified 2018-07-12
    plugin id 77326
    published 2014-08-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77326
    title Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-12715.NASL
    description This update includes the latest stable release of the Apache HTTP Server, version 2.2.21. Two security issues have been fixed : mod_proxy_ajp when combined with mod_proxy_balancer: Prevents unrecognized HTTP methods from marking ajp: balancer members in an error state, avoiding denial of service. (CVE-2011-3348) Fixes to the handling of byte-range requests to use less memory, to avoid denial of service. (CVE-2011-3192) A number of bugs have been fixed as well. See : http://www.apache.org/dist/httpd/CHANGES_2.2.21 http://www.apache.org/dist/httpd/CHANGES_2.2.20 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2016-05-20
    plugin id 56217
    published 2011-09-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56217
    title Fedora 15 : httpd-2.2.21-1.fc15 (2011-12715)
  • NASL family Web Servers
    NASL id HPSMH_7_0_0_24.NASL
    description According to the web server's banner, the version of HP System Management Homepage (SMH) hosted on the remote host is earlier than 7.0. As such, it is reportedly affected by the following vulnerabilities : - An error exists in the 'generate-id' function in the bundled libxslt library that can allow disclosure of heap memory addresses. (CVE-2011-0195) - An unspecified input validation error exists and can allow cross-site request forgery attacks. (CVE-2011-3846) - Unspecified errors can allow attackers to carry out denial of service attacks via unspecified vectors. (CVE-2012-0135, CVE-2012-1993) - The bundled version of PHP contains multiple vulnerabilities. (CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3267, CVE-2011-3268) - The bundled version of Apache contains multiple vulnerabilities. (CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639) - OpenSSL libraries are contained in several of the bundled components and contain multiple vulnerabilities. (CVE-2011-0014, CVE-2011-1468, CVE-2011-1945, CVE-2011-3207,CVE-2011-3210) - Curl libraries are contained in several of the bundled components and contain multiple vulnerabilities. (CVE-2009-0037, CVE-2010-0734, CVE-2011-2192)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 58811
    published 2012-04-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=58811
    title HP System Management Homepage < 7.0 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2011-006.NASL
    description The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreFoundation - CoreMedia - File Systems - IOGraphics - iChat Server - Mailman - MediaKit - PHP - postfix - python - QuickTime - Tomcat - User Documentation - Web Server - X11
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 56481
    published 2011-10-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56481
    title Mac OS X Multiple Vulnerabilities (Security Update 2011-006)
  • NASL family Web Servers
    NASL id WEBSPHERE_8_0_0_1.NASL
    description IBM WebSphere Application Server 8.0 before Fix Pack 1 appears to be running on the remote host and is potentially affected by the following vulnerabilities : - An open redirect vulnerability exists related to the 'logoutExitPage' parameter. This can allow remote attackers to trick users into requesting unintended URLs. (PM35701) - The administrative console can display a stack trace under unspecified circumstances and can disclose potentially sensitive information to local users. (PM36620) - An unspecified error exists that can allow cross-site request forgery attacks. (PM36734) - A token verification error exists in the bundled OpenSAML library. This error can allow an attacker to bypass security controls with an XML signature wrapping attack via SOAP messages. (PM43254) - A directory traversal attack is possible via unspecified parameters in the 'help' servlet. (PM45322) - The JavaServer Faces (JSF) application functionality could allow a remote attacker to read files because it fails to properly handle requests. (PM45992) - The HTTP server contains an error in the 'ByteRange' filter and can allow denial of service attacks when processing malicious requests. (PM46234)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 56348
    published 2011-09-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56348
    title IBM WebSphere Application Server 8.0 < Fix Pack 1 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_APACHE2-110831.NASL
    description This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges. (CVE-2011-3192)
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75786
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75786
    title openSUSE Security Update : apache2 (openSUSE-SU-2011:0993-1)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2011-252-01.NASL
    description Not long ago, httpd package updates were issued to clamp down on a denial of service bug that's seen some action in the wild. New packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current.
    last seen 2019-01-16
    modified 2016-05-19
    plugin id 56142
    published 2011-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56142
    title Slackware 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : httpd (SSA:2011-252-01)
  • NASL family Web Servers
    NASL id APACHE_RANGE_DOS.NASL
    description The version of Apache HTTP Server running on the remote host is affected by a denial of service vulnerability. Making a series of HTTP requests with overlapping ranges in the Range or Request-Range request headers can result in memory and CPU exhaustion. A remote, unauthenticated attacker could exploit this to make the system unresponsive. Exploit code is publicly available and attacks have reportedly been observed in the wild.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 55976
    published 2011-08-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55976
    title Apache HTTP Server Byte Range DoS
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2011-1.NASL
    description The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-04-18
    plugin id 78262
    published 2014-10-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78262
    title Amazon Linux AMI : httpd (ALAS-2011-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-7722.NASL
    description This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges. (CVE-2011-3192) It also fixes a bug, where the LimitRequestFieldsize config option into account when parsing headers from backend, thereby avoiding that the receiving buffers are too small.
    last seen 2019-01-16
    modified 2015-01-13
    plugin id 57155
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57155
    title SuSE 10 Security Update : Apache (ZYPP Patch Number 7722)
  • NASL family Web Servers
    NASL id WEBSPHERE_6_1_0_41.NASL
    description IBM WebSphere Application Server 6.1 before Fix Pack 41 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities : - A cross-site scripting vulnerability via vectors related to web messaging. (CVE-2011-5065) - A cross-site scripting vulnerability in the Installation Verification Test (IVT) in the Install component. (CVE-2011-1362) - The SibRaRecoverableSiXaResource class in the Default Messaging Component does not properly handle a Service Integration Bus (SIB) dump operation involving the Failure Data Capture (FFDC) introspection code. This can allow local users to obtain sensitive information by reading the FFDC log file. (CVE-2011-5066) - A directory traversal vulnerability in the administration console that allows remote attackers to read arbitrary files on the host. (CVE-2011-1359) - A potential Denial of Service with malicious range requests. (CVE-2011-3192) - An unspecified vulnerability in the Web Services Security component when enabling WS-Security for a JAX-WS application. (CVE-2011-1377)
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 57607
    published 2012-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57607
    title IBM WebSphere Application Server 6.1 < 6.1.0.41 Multiple Vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_7F6108D2CEA811E09D580800279895EA.NASL
    description Apache HTTP server project reports : A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by Apache HTTPD server.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 56017
    published 2011-08-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56017
    title FreeBSD : apache -- Range header DoS vulnerability (7f6108d2-cea8-11e0-9d58-0800279895ea)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20110831_HTTPD_ON_SL4_X.NASL
    description The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-12-31
    plugin id 61126
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61126
    title Scientific Linux Security Update : httpd on SL4.x, SL5.x, SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1245.NASL
    description Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-11-26
    plugin id 56032
    published 2011-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56032
    title RHEL 4 / 5 / 6 : httpd (RHSA-2011:1245)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-110831.NASL
    description This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges. (CVE-2011-3192) It also fixes an issue in mod_dav, where the (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x allowed remote attackers to cause a denial of service (process crash) via a request that lacks a path. (CVE-2010-1452) Also following bugs were fixed : - recommend the default MPM (prefork) via Recommends: in .spec - apache not sending error 304 if mod_deflate is enabled. - take LimitRequestFieldsize config option into account when parsing headers from backend.
    last seen 2019-01-16
    modified 2015-01-13
    plugin id 57088
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57088
    title SuSE 11.1 Security Update : Apache (SAT Patch Number 5090)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_APACHE2-111026.NASL
    description This update brings Apache to version 2.2.12. The main reason is the enablement of the Server Name Indication (SNI) that allows several SSL-enabled domains on one IP address (FATE#311973). See the SSLStrictSNIVHostCheck directive as documented in /usr/share/apache2/manual/mod/mod_ssl.html.en. Also the patch for the ByteRange remote denial of service attack (CVE-2011-3192) was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges. Number of ranges requested, if exceeded, the complete content is served. default: 200; 0|unlimited: unlimited; none: Range headers are ignored. This option is a backport from 2.2.21. Also fixed were - Denial of service in proxy_ajp when using an undefined method. (CVE-2011-3348) - Exposure of internal servers via reverse proxy methods with mod_proxy enabled and incorrect Rewrite or Proxy Rules. This update also includes a newer apache2-vhost-ssl.template, which disables SSLv2, and allows SSLv3 and strong ciphers only. Please note that existing vhosts will not be converted. (CVE-2011-3368)
    last seen 2019-01-16
    modified 2015-01-13
    plugin id 57089
    published 2011-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57089
    title SuSE 11.1 Security Update : Apache2 (SAT Patch Number 5344)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL13114.NASL
    description The byte-range filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial-of-service (memory and CPU consumption) using a Range header that expresses multiple overlapping ranges.
    last seen 2019-01-16
    modified 2019-01-04
    plugin id 78131
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78131
    title F5 Networks BIG-IP : Apache Range header vulnerability (SOL13114)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_APACHE2-111026.NASL
    description This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack (CVE-2011-3192) was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges. Number of ranges requested, if exceeded, the complete content is served. default: 200; 0|unlimited: unlimited; none: Range headers are ignored. This option is a backport from 2.2.21. Also fixed: CVE-2011-3348: Denial of service in proxy_ajp when using an undefined method. CVE-2011-3368: Exposure of internal servers via reverse proxy methods with mod_proxy enabled and incorrect Rewrite or Proxy Rules.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75426
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75426
    title openSUSE Security Update : apache2 (openSUSE-SU-2011:1217-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2011-1245.NASL
    description Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 56046
    published 2011-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56046
    title CentOS 4 : httpd (CESA-2011:1245)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_APACHE2-7721.NASL
    description This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges. (CVE-2011-3192) It also fixes some non-security bugs : - take LimitRequestFieldsize config option into account when parsing headers from backend. Thereby avoid that the receiving buffers are too small. bnc#690734. - add / when on a directory to feed correctly linked listings. bnc#661597: * a2enmod shalt not disable a module in query mode. bnc#663359 - New option SSLRenegBufferSize fixes '413 Request Entity Too Large occur' problem. - fixes graceful restart hangs, bnc#555098.
    last seen 2019-01-16
    modified 2015-01-13
    plugin id 56600
    published 2011-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56600
    title SuSE 10 Security Update : Apache (ZYPP Patch Number 7721)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2011-12667.NASL
    description This update contains the latest stable release of the Apache HTTP Server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2016-05-20
    plugin id 56359
    published 2011-10-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56359
    title Fedora 16 : httpd-2.2.21-1.fc16 (2011-12667)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1199-1.NASL
    description A flaw was discovered in the byterange filter in Apache. A remote attacker could exploit this to cause a denial of service via resource exhaustion. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 56048
    published 2011-09-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56048
    title Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : apache2 vulnerability (USN-1199-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2011-1245.NASL
    description From Red Hat Security Advisory 2011:1245 : Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 68342
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68342
    title Oracle Linux 4 / 5 / 6 : httpd (ELSA-2011-1245)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_APACHE2-110831.NASL
    description This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges. (CVE-2011-3192)
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75425
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75425
    title openSUSE Security Update : apache2 (openSUSE-SU-2011:0993-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2011-01.NASL
    description The MITRE CVE database describes CVE-2011-3192 as : The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
    last seen 2019-01-16
    modified 2015-01-30
    plugin id 69560
    published 2013-09-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69560
    title Amazon Linux AMI : httpd (ALAS-2011-01)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2298.NASL
    description Two issues have been found in the Apache HTTPD web server : - CVE-2011-3192 A vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This vulnerability allows an attacker to cause Apache HTTPD to use an excessive amount of memory, causing a denial of service. - CVE-2010-1452 A vulnerability has been found in mod_dav that allows an attacker to cause a daemon crash, causing a denial of service. This issue only affects the Debian 5.0 oldstable/lenny distribution.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 55998
    published 2011-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=55998
    title Debian DSA-2298-2 : apache2 - denial of service
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2011-1294.NASL
    description Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, 5.6 Extended Update Support, and 6.0 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The Apache HTTP Server is a popular web server. A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially crafted Range header. (CVE-2011-3192) All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2017-01-10
    plugin id 63998
    published 2013-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63998
    title RHEL 5 / 6 : httpd (RHSA-2011:1294)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201206-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-201206-25 (Apache HTTP Server: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details. Impact : A remote attacker might obtain sensitive information, gain privileges, send requests to unintended servers behind proxies, bypass certain security restrictions, obtain the values of HTTPOnly cookies, or cause a Denial of Service in various ways. A local attacker could gain escalated privileges. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-11
    plugin id 59678
    published 2012-06-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59678
    title GLSA-201206-25 : Apache HTTP Server: Multiple vulnerabilities
  • NASL family Web Servers
    NASL id APACHE_2_0_65.NASL
    description According to its banner, the version of Apache 2.0.x running on the remote host is prior to 2.0.65. It is, therefore, affected by several vulnerabilities : - A flaw exists in the byte-range filter, making it vulnerable to denial of service. (CVE-2011-3192) - A flaw exists in 'mod_proxy' where it doesn't properly interact with 'RewriteRule' and 'ProxyPassMatch' in reverse proxy configurations. (CVE-2011-3368) - A privilege escalation vulnerability exists relating to a heap-based buffer overflow in 'ap_pregsub' function in 'mod_setenvif' module via .htaccess file. (CVE-2011-3607) - A local security bypass vulnerability exists within scoreboard shared memory that may allow the child process to cause the parent process to crash. (CVE-2012-0031) - A flaw exists within the status 400 code when no custom ErrorDocument is specified that could disclose 'httpOnly' cookies. (CVE-2012-0053) - A flaw exists in the 'RewriteLog' function where it fails to sanitize escape sequences written to log files, which could result in arbitrary command execution. (CVE-2013-1862) Note that the remote web server may not actually be affected by these vulnerabilities. Nessus did not try to determine whether the affected modules are in use nor did it test for the issues themselves.
    last seen 2019-01-16
    modified 2018-06-29
    plugin id 68914
    published 2013-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68914
    title Apache 2.0.x < 2.0.65 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_4_APACHE2-111026.NASL
    description This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack (CVE-2011-3192) was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges. Number of ranges requested; if exceeded, the complete content is served. Values: default: 200; 0|unlimited: unlimited; none: Range headers are ignored. This option is a backport from 2.2.21. Also fixed: CVE-2011-3348: Denial of service in proxy_ajp when using an undefined method. CVE-2011-3368: Exposure of internal servers via reverse proxy methods with mod_proxy enabled and incorrect Rewrite or Proxy Rules.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75787
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75787
    title openSUSE Security Update : apache2 (openSUSE-SU-2011:1217-1)
oval via4
  • accepted 2015-04-20T04:00:41.492-04:00
    class vulnerability
    contributors
    • name Yamini Mohan R
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
    family unix
    id oval:org.mitre.oval:def:14762
    status accepted
    submitted 2012-01-30T14:02:48.000-05:00
    title HP-UX Apache Web Server, Remote Denial of Service (DoS)
    version 45
  • accepted 2015-04-20T04:00:42.506-04:00
    class vulnerability
    contributors
    • name Yamini Mohan R
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
    family unix
    id oval:org.mitre.oval:def:14824
    status accepted
    submitted 2012-01-30T13:51:11.000-05:00
    title HP-UX Apache Web Server, Remote Denial of Service (DoS)
    version 44
  • accepted 2015-05-04T04:00:11.108-04:00
    class vulnerability
    contributors
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    comment VisualSVN Server is installed
    oval oval:org.mitre.oval:def:18636
    description The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
    family windows
    id oval:org.mitre.oval:def:18827
    status accepted
    submitted 2013-10-02T13:00:00
    title Apache HTTP vulnerability 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 in VisualSVN Server (CVE-2011-3192)
    version 8
packetstorm via4
redhat via4
advisories
  • bugzilla
    id 732928
    title CVE-2011-3192 httpd: multiple ranges DoS
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment httpd is earlier than 0:2.0.52-48.ent
            oval oval:com.redhat.rhsa:tst:20111245002
          • comment httpd is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060619003
        • AND
          • comment httpd-devel is earlier than 0:2.0.52-48.ent
            oval oval:com.redhat.rhsa:tst:20111245004
          • comment httpd-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060619005
        • AND
          • comment httpd-manual is earlier than 0:2.0.52-48.ent
            oval oval:com.redhat.rhsa:tst:20111245006
          • comment httpd-manual is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060619011
        • AND
          • comment httpd-suexec is earlier than 0:2.0.52-48.ent
            oval oval:com.redhat.rhsa:tst:20111245010
          • comment httpd-suexec is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070534011
        • AND
          • comment mod_ssl is earlier than 0:2.0.52-48.ent
            oval oval:com.redhat.rhsa:tst:20111245008
          • comment mod_ssl is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060619009
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhsa:tst:20100842001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhsa:tst:20100842002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhsa:tst:20100842003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhsa:tst:20100842004
      • OR
        • AND
          • comment httpd is earlier than 0:2.2.15-9.el6_1.2
            oval oval:com.redhat.rhsa:tst:20111245016
          • comment httpd is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111245017
        • AND
          • comment httpd-devel is earlier than 0:2.2.15-9.el6_1.2
            oval oval:com.redhat.rhsa:tst:20111245018
          • comment httpd-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111245019
        • AND
          • comment httpd-manual is earlier than 0:2.2.15-9.el6_1.2
            oval oval:com.redhat.rhsa:tst:20111245024
          • comment httpd-manual is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111245025
        • AND
          • comment httpd-tools is earlier than 0:2.2.15-9.el6_1.2
            oval oval:com.redhat.rhsa:tst:20111245022
          • comment httpd-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111245023
        • AND
          • comment mod_ssl is earlier than 0:2.2.15-9.el6_1.2
            oval oval:com.redhat.rhsa:tst:20111245020
          • comment mod_ssl is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111245021
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhsa:tst:20070055001
      • OR
        • AND
          • comment httpd is earlier than 0:2.2.3-53.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111245027
          • comment httpd is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556003
        • AND
          • comment httpd-devel is earlier than 0:2.2.3-53.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111245031
          • comment httpd-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556005
        • AND
          • comment httpd-manual is earlier than 0:2.2.3-53.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111245029
          • comment httpd-manual is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556009
        • AND
          • comment mod_ssl is earlier than 0:2.2.3-53.el5_7.1
            oval oval:com.redhat.rhsa:tst:20111245033
          • comment mod_ssl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070556007
    rhsa
    id RHSA-2011:1245
    released 2011-08-31
    severity Important
    title RHSA-2011:1245: httpd security update (Important)
  • bugzilla
    id 732928
    title CVE-2011-3192 httpd: multiple ranges DoS
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment httpd is earlier than 0:2.2.3-45.el5_6.2
          oval oval:com.redhat.rhsa:tst:20111294002
        • comment httpd is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070556003
      • AND
        • comment httpd-devel is earlier than 0:2.2.3-45.el5_6.2
          oval oval:com.redhat.rhsa:tst:20111294008
        • comment httpd-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070556005
      • AND
        • comment httpd-manual is earlier than 0:2.2.3-45.el5_6.2
          oval oval:com.redhat.rhsa:tst:20111294004
        • comment httpd-manual is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070556009
      • AND
        • comment mod_ssl is earlier than 0:2.2.3-45.el5_6.2
          oval oval:com.redhat.rhsa:tst:20111294006
        • comment mod_ssl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070556007
    rhsa
    id RHSA-2011:1294
    released 2011-09-14
    severity Important
    title RHSA-2011:1294: httpd security update (Important)
  • rhsa
    id RHSA-2011:1300
  • rhsa
    id RHSA-2011:1329
  • rhsa
    id RHSA-2011:1330
  • rhsa
    id RHSA-2011:1369
rpms
  • httpd-0:2.0.52-48.ent
  • httpd-devel-0:2.0.52-48.ent
  • httpd-manual-0:2.0.52-48.ent
  • httpd-suexec-0:2.0.52-48.ent
  • mod_ssl-0:2.0.52-48.ent
  • httpd-0:2.2.15-9.el6_1.2
  • httpd-devel-0:2.2.15-9.el6_1.2
  • httpd-manual-0:2.2.15-9.el6_1.2
  • httpd-tools-0:2.2.15-9.el6_1.2
  • mod_ssl-0:2.2.15-9.el6_1.2
  • httpd-0:2.2.3-53.el5_7.1
  • httpd-devel-0:2.2.3-53.el5_7.1
  • httpd-manual-0:2.2.3-53.el5_7.1
  • mod_ssl-0:2.2.3-53.el5_7.1
  • httpd-0:2.2.3-45.el5_6.2
  • httpd-devel-0:2.2.3-45.el5_6.2
  • httpd-manual-0:2.2.3-45.el5_6.2
  • mod_ssl-0:2.2.3-45.el5_6.2
refmap via4
apple APPLE-SA-2011-10-12-3
bid 49303
cert-vn VU#405811
cisco 20110830 Apache HTTPd Range Header Denial of Service Vulnerability
confirm
fulldisc
  • 20110820 Apache Killer
  • 20110824 Re: Apache Killer
hp
  • HPSBMU02704
  • HPSBMU02766
  • HPSBMU02776
  • HPSBOV02822
  • HPSBUX02702
  • HPSBUX02707
  • SSRT100606
  • SSRT100619
  • SSRT100624
  • SSRT100626
  • SSRT100852
  • SSRT100966
mandriva
  • MDVSA-2011:130
  • MDVSA-2013:150
mlist
  • [announce] 20110824 Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)
  • [dev] 20110823 Re: DoS with mod_deflate & range requests
osvdb 74721
sectrack 1025960
secunia
  • 45606
  • 45937
  • 46000
  • 46125
  • 46126
suse
  • SUSE-SU-2011:1000
  • SUSE-SU-2011:1007
  • SUSE-SU-2011:1010
  • SUSE-SU-2011:1216
  • SUSE-SU-2011:1229
  • openSUSE-SU-2011:0993
ubuntu USN-1199-1
xf apache-http-byterange-dos(69396)
Last major update 22-08-2016 - 22:04
Published 29-08-2011 - 11:55
Last modified 30-11-2018 - 16:29